[Pacemaker] RES: "Using ldirectord" page question

Dennis Jacobfeuerborn dennisml at conversis.de
Tue Sep 4 14:32:06 UTC 2012


Hi,
I understand why this is necessary on the realservers but I'm not sure why
that would be necessary on the load-balancers.
Now I'm wondering if in the example setup the load-balancers and real
servers are supposed to be the same machines but since with the DR/gate
method the response packets may not be routed back through the
load-balancers this cannot work either.

Regards,
  Dennis

On 09/04/2012 06:34 AM, Carlos Xavier wrote:
> Hi.
> 
> The virtual IP on the loopback are needed for the real servers, so as they
> can answer the packets sent to them.
> You also need to edit the file /etc/sysctl.conf to disable the reply to arp
> requests of the virtual addresses configured on the loopback.
> This is what I had to add to my web servers sysctl.conf, adjust it to your
> configuration:
> ########
> # Enable configuration of arp_ignore option
> net.ipv4.conf.all.arp_ignore = 1
> 
> # When an arp request is received on eth0, only respond if that address is
> # configured on eth0. In particular, do not respond if the address is
> # configured on lo
> net.ipv4.conf.eth0.arp_ignore = 1
> 
> # Ditto for eth1, add for all ARPing interfaces
> net.ipv4.conf.bond0.arp_ignore = 1
> net.ipv4.conf.vlan0.arp_ignore = 1
> 
> 
> # Enable configuration of arp_announce option
> net.ipv4.conf.all.arp_announce = 2
> 
> # When making an ARP request sent through eth0 Always use an address that
> # is configured on eth0 as the source address of the ARP request.  If this
> # is not set, and packets are being sent out eth0 for an address that is on
> # lo, and an arp request is required, then the address on lo will be used.
> # As the source IP address of arp requests is entered into the ARP cache on
> # the destination, it has the effect of announcing this address.  This is
> # not desirable in this case as adresses on lo on the real-servers should
> # be announced only by the linux-director.
> net.ipv4.conf.eth0.arp_announce = 2
> 
> # Ditto for eth1, add for all ARPing interfaces
> net.ipv4.conf.bond0.arp_announce = 2
> net.ipv4.conf.vlan0.arp_announce = 2
> ########
> 
> I´m configuring some servers to work with ldiretord, but my approach as a
> little bit different, I already have a cluster working for mysql and they
> will be the ldirector manager and I configured anther cluster just to manage
> http/https
> 
> Regards,
> Carlos
> 
> 
> -----Mensagem original-----
> De: Dennis Jacobfeuerborn [mailto:dennisml at conversis.de] 
> Enviada em: segunda-feira, 3 de setembro de 2012 23:28
> Para: pacemaker at oss.clusterlabs.org
> Assunto: [Pacemaker] "Using ldirectord" page question
> 
>> Hi,
>> I'm trying to set up a redundant load-balancer using pacemaker and
> ldirectord and found an example for the configuration on the following page:
>> http://www.clusterlabs.org/wiki/Using_ldirectord
> 
>> What I don't understand is the following part:
>> "This gives you the virtual IP address and ldirectord running together in
> a group (ip-lvs) on one node, and the same virtual IP address assigned to
> the loopback address on all other nodes. This is necessary to make the
> routing work correctly. "
> 
>> Why is the configuration of the IP on the lo interfaces necessary for
> routing?
>> As far as I understand is the VIP only needs to run on the active node
> that is also running the ldirectord daemon. Once the failover  happens both
> move over to the new active node and the setup should continue to work as
> before. Is there something I'm missing here?
> 
>> Regards,
>>   Dennis
> 
> 
> 
> 
> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
> 
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org
> 





More information about the Pacemaker mailing list